The Value of Incident Response Planning

In 2012, Gartner made the following prediction: "Through 2016, 75% of CISOs who experience publicly disclosed security breaches and lack documented; tested response plans will be fired."

As an information security leader there is no "hard and fast" rule that defines whether or not you are doing a sufficient job. However, once you have a breach, the expectations of your organization are clearly defined and backed by numerous regulators eager to show their constituencies that they mean business. This is a major concern for your Board of Directors and is probably the last thing you are prepared to deal with.